colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

apply patch for when trust-dns is renamed to hickory-dns

Browse Source
This commit is contained in:
Colin
2024-06-01 17:07:44 +00:00
parent 368169d48d
commit f0128b9496
2 changed files with 24 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
modules/services/trust-dns/default.nix
View File

@@ -117,9 +117,9 @@ let
'') dns.zones '') dns.zones
); );
serviceConfig = config.systemd.services.trust-dns.serviceConfig // { serviceConfig = (config.systemd.services.hickory-dns or config.systemd.services.trust-dns).serviceConfig // {
ExecStart = lib.escapeShellArgs ([ ExecStart = lib.escapeShellArgs ([
"${config.services.trust-dns.package}/bin/${config.services.trust-dns.package.meta.mainProgram}" "${lib.getExe config.services.trust-dns.package}"
"--port" (builtins.toString port) "--port" (builtins.toString port)
"--zonedir" "/var/lib/trust-dns/${flavor}" "--zonedir" "/var/lib/trust-dns/${flavor}"
"--config" "${configPath}" "--config" "${configPath}"
@@ -131,7 +131,7 @@ let
# servo/dyn-dns needs /var/lib/uninsane/wan.txt. # servo/dyn-dns needs /var/lib/uninsane/wan.txt.
# this might not exist on other systems, # this might not exist on other systems,
# so just bind the deepest path which is guaranteed to exist. # so just bind the deepest path which is guaranteed to exist.
ReadOnlyPaths = [ "/var/lib" ]; ReadOnlyPaths = [ "/var/lib" ]; #< TODO: scope this down!
} // lib.optionalAttrs cfg.asSystemResolver { } // lib.optionalAttrs cfg.asSystemResolver {
# allow the group to write trust-dns state (needed by NetworkManager hook) # allow the group to write trust-dns state (needed by NetworkManager hook)
StateDirectoryMode = "775"; StateDirectoryMode = "775";
@@ -184,9 +184,10 @@ in
rev = "67649863faf2e08f63963a96a491a4025aaf8ed6"; rev = "67649863faf2e08f63963a96a491a4025aaf8ed6";
hash = "sha256-vmVY8C0cCCFxy/4+g1vKZsAD5lMaufIExnFaSVVAhGM="; hash = "sha256-vmVY8C0cCCFxy/4+g1vKZsAD5lMaufIExnFaSVVAhGM=";
}; };
cargoHash = "sha256-FEjNxv1iu27SXQhz1+Aehs4es8VxT1BPz5uZq8TcG/k="; cargoHash = "sha256-NoWrQgTPOp99pEs73VQrfeU3m8fny2s20Mf9qxwiPtQ=";
}); });
}; };
services.trust-dns.settings.directory = "/var/lib/trust-dns";
users.groups.trust-dns = {}; users.groups.trust-dns = {};
users.users.trust-dns = { users.users.trust-dns = {
@@ -196,6 +197,18 @@ in
systemd.services = lib.mkMerge [ systemd.services = lib.mkMerge [
{ {
hickory-dns.enable = false;
hickory-dns.serviceConfig = {
DynamicUser = lib.mkForce false;
User = "trust-dns";
Group = "trust-dns";
wantedBy = lib.mkForce [];
# there can be a lot of restarts as interfaces toggle,
# particularly around the DHCP/NetworkManager stuff.
StartLimitBurst = 60;
StateDirectory = lib.mkForce "trust-dns";
};
trust-dns.enable = false; trust-dns.enable = false;
trust-dns.serviceConfig = { trust-dns.serviceConfig = {
DynamicUser = lib.mkForce false; DynamicUser = lib.mkForce false;
@@ -205,6 +218,7 @@ in
# there can be a lot of restarts as interfaces toggle, # there can be a lot of restarts as interfaces toggle,
# particularly around the DHCP/NetworkManager stuff. # particularly around the DHCP/NetworkManager stuff.
StartLimitBurst = 60; StartLimitBurst = 60;
StateDirectory = lib.mkForce "trust-dns";
}; };
# trust-dns.unitConfig.StartLimitIntervalSec = 60; # trust-dns.unitConfig.StartLimitIntervalSec = 60;
} }

6
nixpatches/list.nix
View File

@@ -32,6 +32,12 @@ in [
# etc, where "date" is like "20240228181608" # etc, where "date" is like "20240228181608"
# and can be found with `nix-repl > :lf . > lastModifiedDate` # and can be found with `nix-repl > :lf . > lastModifiedDate`
(fetchpatch' {
title = "trust-dns: rebrand as hickory-dns";
saneCommit = "a7613d50c58b5612a7b806ce1375d8bf0485ab55";
hash = "sha256-N4DfNhCeg9etVeTPVzJ73CwiZzf43SozK8nrfXIm0uQ=";
})
(fetchpatch' { (fetchpatch' {
title = "libphonenumber: fix cross compilation"; title = "libphonenumber: fix cross compilation";
prUrl = "https://github.com/NixOS/nixpkgs/pull/316094"; prUrl = "https://github.com/NixOS/nixpkgs/pull/316094";